Lucene search
K

17 matches found

OSV
OSV
added 2022/12/25 6:30 p.m.23 views

GHSA-MW4X-G2X8-QCVF tree-kit vulnerable to Prototype Pollution

A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...

7.8CVSS7.6AI score0.00427EPSS
Exploits0References6
Prion
Prion
added 2022/12/25 4:15 p.m.16 views

Design/Logic Flaw

A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...

4.3CVSS7.7AI score0.00427EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/12/25 3:53 p.m.36 views

CVE-2021-4278 cronvel tree-kit prototype pollution

A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...

5.5CVSS7.9AI score0.00427EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/12/25 12:0 a.m.5 views

PT-2022-11686 · Unknown · Cronvel Tree-Kit

Name of the Vulnerable Software and Affected Versions: cronvel tree-kit versions up to 0.6.x Description: A problematic vulnerability has been found, affecting an unknown part of the software. The issue leads to improperly controlled modification of object prototype attributes, also known as...

7.8CVSS7.2AI score0.00427EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2022/02/24 3:15 p.m.26 views

CVE-2022-25643

seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname...

9.8CVSS7.1AI score0.02076EPSS
Exploits0References4
NVD
NVD
added 2021/09/17 9:15 p.m.13 views

CVE-2021-41387

seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root...

8.8CVSS0.01029EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/09/17 8:36 p.m.25 views

CVE-2021-41387

seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root...

9.2AI score0.01029EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2021/09/17 8:36 p.m.15 views

CVE-2021-41387

seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root...

8.8CVSS9AI score0.01029EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/09/17 8:36 p.m.39 views

CVE-2021-41387

seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root...

8.8CVSS9AI score0.01029EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/06/03 12:0 a.m.3831 views

nginx 0.6.x < 1.20.1 1-Byte Memory Overwrite RCE

According to its Server response header, the installed version of nginx is 0.6.18 prior to 1.20.1. It is, therefore, affected by a remote code execution vulnerability. A security issue in nginx resolver was identified, which might allow an unauthenticated remote attacker to cause 1-byte memory...

7.7CVSS8.8AI score0.52838EPSS
Exploits10References3
UbuntuCve
UbuntuCve
added 2014/12/28 12:0 a.m.36 views

CVE-2014-8132

Double free vulnerability in the sshpacketkexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet...

5CVSS6.9AI score0.05145EPSS
Exploits0References4
NVD
NVD
added 2014/12/09 11:59 p.m.18 views

CVE-2014-9351

engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service crash via unspecified vectors...

6.4CVSS6.5AI score0.02727EPSS
Exploits0References7
Packet Storm
Packet Storm
added 2013/04/19 12:0 a.m.18 views

nginx 0.6.x Code Execution

Exploit Title: nginx Arbitrary Code Execution NullByte Injection Date: 24/08/2011 Exploit Author: Neal Poole Vendor Homepage: http://nginx.org/ Software Link: https://launchpad.net/nginx/0.6/0.6.36/+download/nginx-0.6.36.tar.gz Version: 0.5., 0.6., 0.7 //file.ext%00.php or http:////file.ext/x00.p...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2012/05/24 12:0 a.m.17 views

nginx 0.6.x,0.7.x,0.8<=0.8.57 文件解析错误

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2006/02/08 1:2 a.m.13 views

CVE-2006-0582

Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors...

2.1CVSS6.4AI score0.00442EPSS
Exploits0References18
Prion
Prion
added 2006/02/08 1:2 a.m.27 views

Code injection

Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors...

2.1CVSS6.5AI score0.00442EPSS
Exploits0References18Affected Software1
Cvelist
Cvelist
added 2004/04/06 4:0 a.m.19 views

CVE-2004-0371

Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path...

6.3AI score0.01528EPSS
Exploits0References6
Rows per page
Query Builder